New Features
- Kubernetes and Istio Logging Plugin
A new Kubernetes and Istio logging plugin has been introduced to enhance log collection and observability for Kubernetes environments using Istio.
- User Password Change Auditing
System logs now track all user password changes, improving security monitoring and compliance.
- Check Point Harmony Endpoint Log API Integration
Support has been added for Check Point Harmony Endpoint logs, enabling seamless log collection and security event monitoring.
- Discord Integration for Notifications
Discord integration has been implemented, allowing real-time notifications and incident alerts via mentions.
Bug Fixes
- Incident Status and Sorting Issues Resolved
Fixed an issue where sorting by incident severity or status was not functioning correctly in the incident management module.
- Improvements in Notification System
Addressed inconsistencies in notification messages, ensuring reliable event updates.
- Search Button Visibility Issue Resolved
The search button will no longer appear when there are no matching results during reindexing.
- IBM QRadar EDR API Token Management Fixed
Resolved token management issues in the IBM Security QRadar EDR API poller, ensuring seamless authentication and API stability.
- Enhancements in FortiAnalyzer and FortiMail Log Parsing
  - Fixed normalization issues in FortiAnalyzer logs.
  - Updated FortiMail plugin mapping for improved log accuracy.
- Microsoft Defender XDR API Improvements
  - Added new form fields for Scope and Base URL in Azure Graph Audit.
  - Fixed API token issues for Microsoft Defender XDR to improve integration stability.
- Citrix NetScaler ADC Log Enhancements
  - Fixed timestamp normalization issues for Citrix logs, ensuring accurate event timelines.
- Performance Optimizations
  - Optimized InfluxDB query execution to reduce processing time and improve performance.
  - Improved system health check log collection, fixing previous errors.
Plugin and API Poller Updates
- New Plugins
  - Kubernetes and Istio logging plugin added for enhanced observability.
  - Citrix NetScaler ADC log plugin introduced for improved log handling.
- Updated Plugins
  - FortiAnalyzer plugin updated for better log processing.
  - FortiMail plugin updated for improved event mapping and normalization.
- API Poller Updates
  - IBM Security QRadar EDR API enhancements for stable log retrieval.
  - Microsoft Defender XDR API now supports improved token management.
  - Check Point Harmony Endpoint Log API integration added.
Other Improvements
- Export and Parser Enhancements
  - Export functionality for Zookeeper configurations has been reintroduced, ensuring proper configuration backup management.
  - Fixed cron job issues in legacy parsers, improving scheduled log processing.
- Web Interface Fixes
  - Resolved logout errors in the web interface, ensuring a smoother user experience.

This release focuses on enhancing security monitoring, improving integrations, and optimizing system performance to provide a more stable and feature-rich experience.